For Bank of Commerce, identifying Severe but Plausible Scenarios (SbPS) for CBS-1 Deposit and Account Services is a critical step in operational resilience.
These scenarios are not hypothetical extremes but credible disruption events that could realistically occur and significantly impact the bank’s ability to deliver essential deposit services.
According to BCM Institute guidance, SBPS should test the resilience of critical business services against a combination of operational, cyber, third-party, and environmental disruptions, ensuring that the organisation can remain within its defined impact tolerances.
Aligned with BSP Circular No. 1203 (2024), banks in the Philippines are required to conduct scenario testing using severe but plausible disruptions, including cyber incidents, technology failures, and third-party outages.
The scenarios below are designed to reflect Bank of Commerce’s operating environment, including reliance on core banking systems, digital banking channels, ATM/card networks (e.g., BancNet/Mastercard), telecom infrastructure, and third-party vendors.
Each scenario also integrates Cyber and ICT risks, as required by regulators, and includes proactive risk management actions to demonstrate preparedness.
|
Sub-CBS Code |
Sub-CBS |
Severe but Plausible Scenario |
Impact / Effect |
Proactive Risk Management Action |
Link to Integration of Cyber and ICT Risks |
|
1.1 |
Customer Onboarding and Account Application |
Branch system outage during peak onboarding period |
Delayed account opening; backlog of applications |
Implement offline onboarding forms and batch upload capability |
ICT system outage, endpoint failure |
|
1.2 |
Customer Identification and Verification (KYC/CDD) |
KYC/AML screening system unavailable due to vendor outage |
Inability to verify customers; onboarding halted |
Maintain backup screening procedures and alternate provider access |
Third-party system failure, cyber dependency |
|
1.3 |
Account Approval and Opening |
Workflow system failure or database corruption |
Accounts cannot be activated; service delays |
Enable manual approval and post-recovery reconciliation |
Core system failure, data integrity risk |
|
1.4 |
Initial Funding and Deposit Booking |
Core banking outage during deposit transactions |
Funds not credited; customer dissatisfaction |
Activate manual receipting and deferred posting procedures |
Core banking disruption, transaction integrity risk |
|
1.5 |
Product Setup and Account Parameter Maintenance |
Incorrect parameter deployment due to a system error |
Wrong fees/interest applied across accounts |
Enforce maker-checker controls and rollback procedures |
Configuration risk, system change failure |
|
1.6 |
Deposit Transactions Processing |
The core banking system crashed during the peak transaction period |
Inability to process deposits/transfers; systemic disruption |
Implement active-active DR architecture and transaction replay |
Critical ICT failure, high availability risk |
|
1.7 |
Withdrawal and Funds Access Processing |
ATM network outage due to telecom failure |
Customers are unable to withdraw cash |
Provide branch fallback withdrawals and alternate network routing |
Telecom outage, ATM network dependency |
|
1.8 |
Account Servicing and Customer Maintenance |
CRM system unavailable due to a cyber incident |
Customer requests are delayed; poor service experience |
Enable manual servicing logs and prioritise high-risk requests |
Cyberattack, data access disruption |
|
1.9 |
Interest, Fees, and Charges Processing |
Batch processing failure at the end of the day |
Incorrect balances or missing interest postings |
Re-run batch with validation controls and reconciliation checks |
Batch processing risk, system integrity issue |
|
1.10 |
Statement, Passbook, and Balance Reporting |
Reporting system failure or data inconsistency |
Customers are unable to view accurate balances/statements |
Enable alternate reporting channels and regenerate statements |
Data integrity risk, reporting system failure |
|
1.11 |
Digital Account Access and Channel Integration |
A Distributed Denial-of-Service (DDoS) attack on online banking |
Customers are unable to log in or transact online |
Deploy DDoS protection, traffic filtering, and failover channels |
Cyberattack (DDoS), digital channel disruption |
|
1.12 |
ATM and Card-Based Access Management |
Card switch failure or BancNet/Mastercard outage |
ATM and POS transactions unavailable |
Establish alternate routing and contingency withdrawal processes |
Third-party ICT dependency, network failure |
|
1.13 |
Account Reconciliation and Exception Handling |
The reconciliation system failure is causing a backlog of breaks |
Unresolved discrepancies affecting financial integrity |
Automate reconciliation recovery and prioritise high-value breaks |
Data processing failure, system outage |
|
1.14 |
Dormancy, Holds, and Account Restrictions Management |
Failure to apply fraud hold due to system outage |
Unauthorised transactions; potential fraud losses |
Enable emergency manual hold procedures and escalation |
Control system failure, fraud risk |
|
1.15 |
Fraud Monitoring and Transaction Surveillance |
Fraud monitoring system outage during cyberattack |
Undetected fraudulent transactions; financial losses |
Implement real-time alert backup and manual monitoring escalation |
Cybersecurity failure, SIEM disruption |
|
1.16 |
Complaints, Disputes, and Service Recovery |
Call centre system outage during a major incident |
Customers are unable to report issues or disputes |
Activate alternate communication channels (email, branch) |
Telecom failure, communication system outage |
|
1.17 |
Regulatory Reporting and Compliance Monitoring |
Data warehouse failure before the regulatory submission deadline |
Inability to submit accurate regulatory reports |
Maintain manual reporting templates and escalation protocols |
Data system failure, reporting risk |
|
1.18 |
Business Continuity and Service Recovery for Deposit Services |
Data centre outage due to a natural disaster or a cyberattack |
Multiple services are disrupted across CBS-1 |
Activate the DR site, the crisis management team, and recovery procedures |
Full ICT infrastructure failure, cyber/physical risk |
Under BSP Circular No. 1203, banks are required to:
The identification of Severe but Plausible Scenarios for CBS-1 Deposit and Account Services enables Bank of Commerce to move from static planning to dynamic resilience testing.
By linking each sub-service to realistic disruption scenarios, the bank can better understand how failures in technology, cyber systems, third parties, or processes may cascade across operations.
This approach ensures that resilience is not only documented but actively validated through testing and continuous improvement.
More importantly, this exercise aligns directly with BSP Circular No. 1203, which emphasises scenario testing, cyber resilience, third-party risk management, and the integration of business continuity.
For Bank of Commerce, the next step is to operationalise these scenarios through structured testing exercises, validate recovery capabilities against defined impact tolerances, and continuously refine controls to ensure that critical deposit services remain available, secure, and reliable—even under severe disruption conditions.
| eBook 3: Starting Your OR Implementation |
|||||
| CBS-1 Deposit & Account Services | |||||
| CBS-1 DP | CBS-1 MD | CBS-1 MPR | CBS-1 ITo | CBS-1 SuPS | CBS-1 ST |
To learn more about the course and schedule, click the buttons below for the OR-300 Operational Resilience Implementer course and the OR-5000 Operational Resilience Expert Implementer course.
|
If you have any questions, click to contact us. |
||
|
|